What Is Google FLoC and Why It Threatens Your Privacy

On March 30, 2021, Google launched trials of "Federated Learning of Cohorts" (FLoC) in several countries through Chrome browser version 89 and above. They did so without asking Chrome users for consent and enabled it by default.

In their press release, Google called it "a privacy-first future of web advertising." Here is why that characterization is misleading and why a billion-dollar advertising company has no genuine interest in collecting less data about users.

What Is FLoC?

FLoC is a method to collect, summarize, and monetize your recent internet browsing activity. For FLoC to be useful to Google, it must reveal information about user behavior. Unlike traditional third-party tracking scripts, FLoC operates directly through the Chrome browser itself.

How FLoC Works

Chrome uses algorithms to create "cohorts" -- groups of people who share similar interests based on browsing habits. The browser monitors your activity and assigns you to a cohort. Although Google claims that local browsing data is not shared directly (only cohort information is transmitted), this cohort data can be combined with other browser-exposed data to create unique fingerprints for individual users.

A Practical Example

Imagine you visit websites about hiking gear, vegetarian cooking, and photography. FLoC assigns you to a cohort of other people with similar browsing patterns. Advertisers can then target that entire cohort without supposedly knowing your individual identity.

The problem is that cohort IDs, combined with basic browser information (screen resolution, installed fonts, timezone), create a near-unique identifier. Research has shown this combination effectively re-identifies individuals, defeating the supposed anonymity.

Why FLoC Is Bad for Privacy

Several fundamental problems undermine Google's privacy claims:

1. It was enabled without consent. Users were not asked whether they wanted their browsing habits analyzed and categorized. This violates the principle of informed consent that underpins most privacy legislation.

2. It creates new fingerprinting surfaces. The cohort ID itself becomes an additional data point that trackers can use alongside existing fingerprinting techniques to identify users more precisely.

3. Sensitive categories are not adequately protected. Google claimed that sensitive categories would be excluded, but independent testing found that cohorts still revealed information about medical conditions, sexual orientation, and political views through correlation with browsing patterns.

4. It centralizes tracking power. Rather than distributing tracking across many third-party cookies (which browsers are increasingly blocking), FLoC concentrates this capability within Chrome itself -- controlled entirely by Google.

5. It maintains the surveillance model. FLoC does not eliminate tracking; it restructures it. The fundamental business model of profiling users for advertising remains unchanged.

Industry Response

Major browsers including Firefox, Safari, Brave, and Vivaldi announced they would not implement FLoC. The Electronic Frontier Foundation (EFF) published detailed analysis of why FLoC represents a new form of tracking rather than a privacy improvement.

WordPress, which powers over 40% of the web, proposed treating FLoC as a security concern. DuckDuckGo released a browser extension to block FLoC.

What You Can Do

The most effective protection against browser-based tracking is using a browser that respects privacy by design. Firefox, Brave, and Safari all block FLoC and similar tracking mechanisms. For Chrome users, switching browsers is the most straightforward solution.

Website owners can also take action by adding an HTTP header (Permissions-Policy: interest-cohort=()) to opt their sites out of FLoC calculations, preventing their visitors' data from being used to build behavioral profiles.

The broader lesson is clear: when an advertising company offers "privacy-friendly" tracking, skepticism is warranted. True privacy means not being tracked at all -- not being tracked in a slightly different way.